For now, yes. You can use the entire app in SSL but your techs would need to be consciously using the https address. To make it a 'default' you need to use IIS to forward the login and home pages as you'd desire since the only default internal forward that SW supports is setting https for the portal and making the portal the default landing page. The /login page and all subsequent sections (helpdesk, etc) would either have to be masked by IIS or nonexistant. You can make a login page that forwards to the app and then the IIS 404 page could forward to the login page for SW too.

I don't suggest using Apache - it's more trouble than it's worth for these purposes as discussed.

You can now open your User Portal to the outside world without compromising your Active Directory login information. All you need to do is navigate to Settings -> Help Desk Settings then scroll down and check the box next to Require HTTPS for browser connections to User Portal. All traffic to the User Portal will now be redirected to https.

Not the user portal, the actual application login page. Automatically redirect from http://"spiceworks_hostname"/login to https//"spiceworks_hostname"/login. The user portal does this as you just described and I would like for the app itself to do this as well. Thanks for your replies.

No, Spiceworks does not support that natively. What you can do is set up an IIS site with a couple pages that redirects to the SSL site for the login. This will require that you change the default port 80 for spiceworks to another port, and match that up when you use your remote collectors.

When you make your pages, you'll need one for the app and one for the portal. If I'm unclear, it should make sense once you read up on how the http protocol works.

For now, yes. You can use the entire app in SSL but your techs would need to be consciously using the https address. To make it a 'default' you need to use IIS to forward the login and home pages as you'd desire since the only default internal forward that SW supports is setting https for the portal and making the portal the default landing page. The /login page and all subsequent sections (helpdesk, etc) would either have to be masked by IIS or nonexistant. You can make a login page that forwards to the app and then the IIS 404 page could forward to the login page for SW too.

I don't suggest using Apache - it's more trouble than it's worth for these purposes as discussed.

This person is a verified professional.

We virtually force https from outside the local network by blocking http access to Spiceworks from outside. We have a port rule we use momentarily when setting up remote collectors, but it's normal state is disabled, which leaves the http port normally blocked. Admins should have the smarts to use the right port always and for any users who need access to the app, there are links on our staff internet site.

For the portal we just use the force redirection option but also have the https: address set in the Email Settings > Advanced (bottom of the page) > Email URL Hostname, so that only https is published in the notification email from helpdesk too.

then you would enable "Require HTTPS for browser connections to User Portal" and change the default from "login" to "portal". It seems it would be easier if there was just an option for "Require HTTPS for browser connections to User Login" as well

0

This topic has been locked by an administrator and is no longer open for commenting.